package servlet;

import model.DBUtil;
import model.Puser;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.io.PrintWriter;
import java.security.MessageDigest;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

@WebServlet("/plogin")
public class 求职登录  extends HttpServlet {
    @Override
    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        req.setCharacterEncoding("utf-8");
        String phone = req.getParameter("phone");
        String ppassword = req.getParameter("ppassword");
        System.out.println(phone);
        System.out.println(ppassword);
        PrintWriter out = resp.getWriter();
        try {
            // 2. 通过 MySQL 查询，得到用户对象
            Puser puser = query(phone, ppassword);
            if (puser == null) {
                // 查不到对应的用户，代表用户名密码错误
                out.print("<script language='javascript'>alert('Wrong password. Login again!!');window.location.href='/plogin.html';</script>");
                return;
            }
            HttpSession session = req.getSession();
            session.setAttribute("pcurrentUser", puser);
            resp.sendRedirect("/");
        }catch (SQLException exc) {
            throw new ServletException(exc);
        }
    }
    private Puser query(String phone, String ppassword) throws SQLException {
        ppassword = hash(ppassword);
        try (Connection c = DBUtil.getConnection()) {
            String sql = "SELECT puid,pusername,phone FROM puser WHERE phone = ? AND ppassword = ?";
            try (PreparedStatement s = c.prepareStatement(sql)) {
                s.setString(1, phone);
                s.setString(2, ppassword);

                try (ResultSet rs = s.executeQuery()) {
                    if (!rs.next()) {
                        return null;
                    }

                    Puser user = new Puser();
                    user.puid = rs.getInt("puid");
                    user.phone = rs.getString("phone");
                    user.pusername = rs.getString("pusername");

                    return user;
                }
            }

        }
    }
        private String hash(String ppassword) {
            try {
                MessageDigest messageDigest = MessageDigest.getInstance("SHA-512");

                byte[] bytes = ppassword.getBytes("UTF-8");
                byte[] digest = messageDigest.digest(bytes);
                StringBuilder sb = new StringBuilder();
                for (byte b : digest) {
                    sb.append(String.format("%02x", b));
                }
                return sb.toString();

            }  catch (Exception exc) {
                return ppassword;
            }
        }
    }


